Amazon Kindle Library Flaw Exposes User Cookies: Report

Share on Facebook Tweet Snapchat Share Reddit Comment
Amazon Kindle Library Flaw Exposes User Cookies: Report

Amazon's 'Manage Your Kindle' page has been reportedly spotted with a flaw that could give hackers access to the user's cookies.

According to a user named Benjamin Daniel Musserl who discovered the bug, if users load a corrupted e-book featuring malicious scripts in their Kindle library, by either downloading and importing, or tapping 'Send to Kindle' from a untrustworthy website, hackers can get access to the user account's cookies.

Notably, corrupted e-books that are said to give access to a user's Amazon account cookies include scripts in their title, such as .

"Once an attacker manages to have an e-book (file, document, ...) with a title like added to the victim's library, the code will be executed as soon as the victim opens the Kindle Library web page. As a result, Amazon account cookies can be accessed by and transferred to the attacker and the victim's Amazon account can be compromised," stated Musserl on a blog post.

In addition, Musserl said that he discovered the bug back in October last year, but Amazon patched it soon after. However, the bug started showing again after Amazon introduced an overhauled 'Manage Your Kindle' section.

Users can however avoid the bug by simply not importing e-books from any other website except Amazon, or other trustworthy sources. The company is yet to make an official comment on the issue.

In July, Amazon announced the launch of a Kindle Unlimited ebooks and audiobooks subscription service. For $9.99 (roughly Rs. 610) a month, customers can read from over 600,000 Kindle books, and listen to thousands of Audible audiobooks, 'keeping' individual titles for as long as they want.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Google Play Newsstand Paid Content Arrives in India, Other New Countries
Hike Messenger Targets 100 Million Users by End of 2015

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com